Foreign agents setting up bogus election websites: DHS

Feds identify dozens of suspicious domains

Dozens of spurious websites that look like official election domains could be used to interfere with the 2020 presidential election, the FBI has warned.

The URLs of the sites mimic national and state voter information sites and might be deployed to spread false information on voting -- or for election interference or to influence operations, according to a Department of Homeland Security bulletin obtained first by Yahoo News.


“The FBI between March and June 2020 identified suspicious typosquatting of U.S. state and federal election domains, according to recent FBI reporting from a collaborative source,” the bulletin sent earlier this month reads.

According to Mashable, typosquatting refers to hackers registering a domain name that is close enough to a real site for Internet users to be fooled into visiting it and entering personal information.

“These suspicious typosquatting domains may be used for advertising, credential harvesting, and other malicious purposes, such as phishing and influence operations,” the DHS bulletin cautioned. “Users should pay close attention to the spelling of web addresses or websites that look trustworthy but may be close imitations of legitimate U.S. election websites.”

While registering doppelganger domain names may not always be nefarious, DHS said the sites could be an “initial preparatory step by criminal and foreign adversaries” plotting attacks on November's presidential election.

The warning comes as The New York Times reports that members of the U.S. intelligence community say Russia, China, and Iran are all attempting to meddle in the race. The same agencies said in 2016 that Russia used digital influence operations to sway voters in favor of President Trump, who has been dogged by that assessment for the past four years.

At the beginning of August, the Office of the Director of National Intelligence, according to Yahoo, released information on countries seeking to influence this year's results, and on Wednesday, Director of the National Counterintelligence and Security Center William Evanina said Cuba, North Korea and Saudi Arabia are also meddling, Cyberscoop reported.

The ploys come amid a global pandemic that has devastated the U.S., chipping away at the economy, education, health and safety and an already beleaguered U.S. Postal Service that will be relied upon for mail-in ballots.

With states changing voting regulations to fit stringent coronavirus guidelines, many voters will go online this year to find out how to cast their ballots for president.

What's waiting for them are dot-com and dot-net websites flagged by the FBI with names that appear to reference voting in states like Pennsylvania, Georgia, Tennessee and Florida.

Many states' official sites use dot-net and dot-com domains, though there's been a bipartisan bill to shepherd states and localities to dot-gov domains that denote official government agencies sitting on the Senate floor since January.

Election security researchers are also seeing domain names and websites pop up that mimick candidates or party or surrogate websites, Yahoo News also noted.


Even if there are no malware extensions to install on these look-alike sites -- especially a problem for those searching for voting information on their mobile phone, where it's harder to see a full address -- they still have the potential to do serious harm spreading false information.

Voters can avoid that, however, by paying attention and ensuring they are reviewing accurate information ahead of the Nov. 3 election.